From a89505fd21da337b81172871d8f65d9a4fa22a8b Mon Sep 17 00:00:00 2001 From: Stephen Frost Date: Fri, 6 May 2016 14:06:50 -0400 Subject: Remove various special checks around default roles Default roles really should be like regular roles, for the most part. This removes a number of checks that were trying to make default roles extra special by not allowing them to be used as regular roles. We still prevent users from creating roles in the "pg_" namespace or from altering roles which exist in that namespace via ALTER ROLE, as we can't preserve such changes, but otherwise the roles are very much like regular roles. Based on discussion with Robert and Tom. --- src/backend/commands/variable.c | 7 ------- 1 file changed, 7 deletions(-) (limited to 'src/backend/commands/variable.c') diff --git a/src/backend/commands/variable.c b/src/backend/commands/variable.c index 05e59a6e097..f801faacd29 100644 --- a/src/backend/commands/variable.c +++ b/src/backend/commands/variable.c @@ -794,10 +794,6 @@ check_session_authorization(char **newval, void **extra, GucSource source) return false; } - /* Do not allow setting role to a reserved role. */ - if (strncmp(*newval, "pg_", 3) == 0) - return false; - /* Look up the username */ roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(*newval)); if (!HeapTupleIsValid(roleTup)) @@ -858,9 +854,6 @@ check_role(char **newval, void **extra, GucSource source) roleid = InvalidOid; is_superuser = false; } - /* Do not allow setting role to a reserved role. */ - else if (strncmp(*newval, "pg_", 3) == 0) - return false; else { if (!IsTransactionState()) -- cgit v1.2.3